Using Delinea Roles for Ansible

The advanced directory structure described below follows the best practices recommended by Ansible. It includes Ansible roles for Delinea, which let you deploy and configure components easily in your environment.

Using Advanced Directory Structure

Ansible best practices recommend using an advanced directory structure, including Ansible roles for Delinea, to easily deploy and configure components in your environment.

The top level of the directory contains files and directories similar to the following:

production            # inventory file for production servers
staging               # inventory file for staging servers

group_vars/
   group1.yml         # here assign variables to particular groups
   group2.yml
host_vars/
   hostname1.yml      # here assign variables to particular systems
   hostname2.yml

site.yml              # master playbook

roles/
   common/            # this hierarchy represents a “role”
      tasks/          #
         main.yml     # <-- tasks file can include smaller files
      handlers/       #
         main.yml     # <-- handlers file
      templates/      # <-- files for use with the template resource
         ntp.conf.j2  # <-- templates end in .j2 (Jinja2 notation)
      files/          #
         bar.txt      # <-- files for use with the copy resource
         foo.sh       # <-- script files for use with the script resource
      vars/           #
         main.yml     # <-- variables associated with this role
      defaults/       #
         main.yml     # <-- default lower priority variables for this role
      library/        # roles can include custom modules
      module_utils/   # roles can also include custom module_utils
      lookup_plugins/ # or other types of plugins, like lookup in this case

   delinea_audit/     # role for Centrify Audit and Monitoring Services
   delinea_auth/      # role for Centrify Authentication and Privilege Elevation Services
   delinea_vault/     # role for Centrify Privileged Access Service

An alternative structure places the inventory in a separate directory, which is especially helpful when group_vars and host_vars have little in common across different environments. For more details, see the official Ansible documentation.

Master Playbook Example

---
- hosts: all
  roles:
    - delinea_vault
    - delinea_auth
    - delinea_audit
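
A pre-run check for this layout, as an added example (not Delinea's or Ansible's own code): it confirms that each role listed in site.yml exists under roles/ and flags directories whose names are near-misses of group_vars or host_vars, which Ansible does not load. The function names, the simplified roles-list parser, and the sample tree are assumptions constructed for illustration.

```python
import difflib
import re
import tempfile
from pathlib import Path

VAR_DIRS = ("group_vars", "host_vars")  # the only names Ansible loads automatically
ROLE_ITEM = re.compile(r"^\s*-\s*(?:role:\s*)?([\w.]+)\s*$")


def playbook_roles(playbook: Path) -> list[str]:
    """Collect role names from simple 'roles:' lists (the form used on this page)."""
    roles, in_roles = [], False
    for line in playbook.read_text().splitlines():
        if re.match(r"^\s*roles:\s*$", line):
            in_roles = True
        elif in_roles and (m := ROLE_ITEM.match(line)):
            roles.append(m.group(1))
        elif line.strip():
            in_roles = False  # any other non-blank line ends the list
    return roles


def check_layout(root: Path) -> list[str]:
    """Return a list of layout problems; an empty list means the checks passed."""
    problems = []
    for role in playbook_roles(root / "site.yml"):
        if not (root / "roles" / role).is_dir():
            problems.append(f"role not found: roles/{role}")
    for entry in sorted(p.name for p in root.iterdir() if p.is_dir()):
        if entry not in VAR_DIRS and difflib.get_close_matches(entry, VAR_DIRS, n=1, cutoff=0.8):
            problems.append(f"variable directory not loaded by Ansible: {entry}/")
    return problems


def build_sample(root: Path) -> None:
    """Constructed sample tree: one misnamed variable directory, one missing role."""
    for d in ("group_vars", "hosts_vars", "roles/delinea_vault", "roles/delinea_auth"):
        (root / d).mkdir(parents=True)
    (root / "site.yml").write_text(
        "---\n- hosts: all\n  roles:\n    - delinea_vault\n"
        "    - delinea_auth\n    - delinea_audit\n"
    )


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(Path(tmp))
        for problem in check_layout(Path(tmp)):
            print(problem)
```

A misnamed variable directory produces no error at run time, so the variables it holds are never applied to the hosts; checking the names before a deployment catches this.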